SSLSocket.recv(0) receives up to 1024 bytes #67992

vadmium · 2015-03-29T10:30:24Z

BPO	23804
Nosy	@tiran, @alex, @vadmium, @dstufft
Files	recv-zero.patch recv-zero.v2.patch

^{Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.}

Show more details

GitHub fields:

assignee = None
closed_at = <Date 2016-07-11.06:54:06.704>
created_at = <Date 2015-03-29.10:30:23.554>
labels = ['type-bug', 'library']
title = 'SSLSocket.recv(0) receives up to 1024 bytes'
updated_at = <Date 2016-07-11.13:29:04.603>
user = 'https://github.com/vadmium'

bugs.python.org fields:

activity = <Date 2016-07-11.13:29:04.603>
actor = 'martin.panter'
assignee = 'none'
closed = True
closed_date = <Date 2016-07-11.06:54:06.704>
closer = 'martin.panter'
components = ['Library (Lib)']
creation = <Date 2015-03-29.10:30:23.554>
creator = 'martin.panter'
dependencies = []
files = ['39378', '43555']
hgrepos = []
issue_num = 23804
keywords = ['patch']
message_count = 7.0
messages = ['239483', '243244', '262549', '269344', '270152', '270177', '270180']
nosy_count = 5.0
nosy_names = ['christian.heimes', 'alex', 'python-dev', 'martin.panter', 'dstufft']
pr_nums = []
priority = 'normal'
resolution = 'fixed'
stage = 'resolved'
status = 'closed'
superseder = None
type = 'behavior'
url = 'https://bugs.python.org/issue23804'
versions = ['Python 2.7', 'Python 3.5', 'Python 3.6']

vadmium · 2015-03-29T10:30:23Z

The documentation claims that SSL socket objects provide some of the same methods as plain socket objects, including recv(), and that the “bufsize” parameter specifies the maximum amount of data to be received. With ordinary sockets, socket.recv(0) always seems to return zero bytes (b""), as expected. But not so with SSL sockets:

>>> import socket, ssl
>>> s = ssl.wrap_socket(socket.create_connection(("localhost", 631)))
>>> s.sendall(b"GET / HTTP/1.1\r\nHost: localhost\r\n\r\n")
35
>>> len(s.recv(0))
263
>>> len(s.recv(0))
1024

The call will hang or raise SSLWantReadError when no data is actually available. Looking at the code, the value of zero seems to be used as a placeholder for a default of 1024 in SSLObject.read(). Either the SSL module should be fixed to return no bytes (my preference), or the documentation needs to warn that the recv(0) is not supported, or does not work the same as for plain sockets. SSLSocket.read() might also be affected.

vadmium · 2015-05-15T05:04:49Z

Here is a patch for 3.5 that changes the default size to explicitly be 1024, and tests that recv(0) and read(0) now work as I expect they should by returning nothing.

python-dev · 2016-03-28T03:08:37Z

New changeset 7a3c5f7dda86 by Martin Panter in branch '3.5':
Issue bpo-23804: Fix SSL recv/read(0) to not return 1024 bytes
https://hg.python.org/cpython/rev/7a3c5f7dda86

New changeset 72c457f9533a by Martin Panter in branch 'default':
Issue bpo-23804: Merge SSL zero read fix from 3.5
https://hg.python.org/cpython/rev/72c457f9533a

New changeset f4cff2bf9903 by Martin Panter in branch '2.7':
Issue bpo-23804: Fix SSL recv/read(0) to not return 1024 bytes
https://hg.python.org/cpython/rev/f4cff2bf9903

vadmium · 2016-06-27T04:32:23Z

This was not fixed properly. The first symptom is that recv(0) etc still blocks if the other end sends no data. The second symptom is that it does not work with suppress_ragged_eofs=False. The problem is SSL is still called to do a read, which returns zero, and that seems to be interpreted as some kind of EOF or shutdown indicator.

(IMO suppress_ragged_eofs=True is a bad default. It essentially treats a man-in-the-middle shutdown as a genuine secure shutdown, but that would be a separate issue.)

python-dev · 2016-07-11T01:38:09Z

New changeset 74856df7e55b by Martin Panter in branch '3.5':
Issue bpo-23804: Fix SSL zero-length recv() calls to not block and raise EOF
https://hg.python.org/cpython/rev/74856df7e55b

New changeset 43d7e5fb3bc2 by Martin Panter in branch '2.7':
Issue bpo-23804: Fix SSL zero-length recv() calls to not block and raise EOF
https://hg.python.org/cpython/rev/43d7e5fb3bc2

New changeset 4ef2404d343e by Martin Panter in branch 'default':
Issue bpo-23804: Merge SSL recv() fix from 3.5
https://hg.python.org/cpython/rev/4ef2404d343e

python-dev · 2016-07-11T13:20:56Z

New changeset df908a9d97a6 by Martin Panter in branch 'default':
Issue bpo-23804: Merge spelling and NEWS fixes from 3.5
https://hg.python.org/cpython/rev/df908a9d97a6

vadmium · 2016-07-11T13:29:05Z

Oops, that last merge is not related to this

vadmium added stdlib Python modules in the Lib dir type-bug An unexpected behavior, bug, or error labels Mar 29, 2015

vadmium closed this as completed Mar 28, 2016

vadmium reopened this Jun 27, 2016

vadmium closed this as completed Jul 11, 2016

ezio-melotti transferred this issue from another repository Apr 10, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

SSLSocket.recv(0) receives up to 1024 bytes #67992

SSLSocket.recv(0) receives up to 1024 bytes #67992

vadmium commented Mar 29, 2015

vadmium commented Mar 29, 2015

vadmium commented May 15, 2015

python-dev mannequin commented Mar 28, 2016

vadmium commented Jun 27, 2016

python-dev mannequin commented Jul 11, 2016

python-dev mannequin commented Jul 11, 2016

vadmium commented Jul 11, 2016

SSLSocket.recv(0) receives up to 1024 bytes #67992

SSLSocket.recv(0) receives up to 1024 bytes #67992

Comments

vadmium commented Mar 29, 2015

vadmium commented Mar 29, 2015

vadmium commented May 15, 2015

python-dev mannequin commented Mar 28, 2016

vadmium commented Jun 27, 2016

python-dev mannequin commented Jul 11, 2016

python-dev mannequin commented Jul 11, 2016

vadmium commented Jul 11, 2016